lesson 10 – securing your network security devices internal security external security viruses and...
Post on 22-Dec-2015
217 views
TRANSCRIPT
Proxy Server:
Server acting as a proxy (an anonymous intermediary) for
Network users.
Security devices
Securing Network from internal threats like:
Accessing information inappropriately.
Accessing other users’ files.
Impersonating other users.
Performing criminal activities on systems.
Packet “sniffing” on the Network.
INTERNAL SECURITY
To manage security:
Remove the guest account.
Rename the default name for the administrative account.
Remove access to Network resources.
Work closely with HR/legal departments.
Review newly assigned permissions.
Account security
To maintain password security:
Get users to change their Network password regularly.
Set the reuse policy.
Have passwords that are at least eight characters long.
Establish thresholds.
Account security
Control access to files and directories by using built-in
permissions.
File and directory permissions
Inform users what is expected of them in terms of security.
Discuss security issues with new employees.
Have users acknowledge their understanding.
Periodically audit users’ security actions.
Review the NOS’ security logs.
Practice and user education
Arise when a user from outside the company finds a user
password and logs on to the Network.
Front-door threats
Solutions:
Separate Network resources accessed from and outside the LAN.
Control users accessing LAN from outside the LAN.
Set up a separate remote access account for remote users.
Set up user accounts to use dial-back.
Change password when employee with broad access resigns.
Front-door threats
Software or hardware bugs in the Network’s OS enabling an
outsider to crack the Network’s security.
Back-door threats
Back-door threats
Solutions:
Host the company’s web site on an external server.
Implement a firewall router.
Review security settings for the web server.
Place web server for non-employees outside the firewall.
Denial of service
Solutions:
Keep various Network software “current”.
Disallow Internet Control Message Protocol (ICMP) traffic
service.
Denial of service
Demilitarized Zone (DMZ):
The area between computers placed between the firewall an
connection to an external Network.
Program that spreads by infecting other files with a copy of
itself.
Files infected by viruses include program files (.COM, .EXE,
and .DLL).
Virus
Program that propagates by sending copies of itself to other
computers.
Spreads by attaching to e-mails along with a message.
Worm
Program that claims to do something interesting and
performs malicious actions in the background.
Trojan horse
Malicious piece of programming code inserted into a normal
program.
Can be timed to erase key files.
Logic bomb
Internal security:
Account security
Account password security
File and directory permissions
SUMMARY